May 30, 2012 - 12:36 AM EDT — AAPL: 567.44 (+5.15, +0.92%) | NASDAQ: 2847.97 (+10.44, +0.37%)

Re: Brian Krebs’ reporting on supposed MacBook Wi-Fi exploit

Friday, August 4, 2006 · 10:58 am · 34 Comments

Daring Fireball’s John Gruber writes, “With a headline like ‘Hijacking a Macbook in 60 Seconds or Less,’ or his quote from exploit co-discoverer David Maynor saying ‘if you watch those ‘Get a Mac’ commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something,’ where would anyone get the idea that the point of Krebs’s post was to pick on Macs? Or, more accurately, to generate a sensational amount of attention by playing off the Mac’s sterling reputation for security?

Gruber asks, “Did Krebs see the exploit work against a MacBook’s built-in AirPort card? He says he stands by his reporting, but he did not report that the exploit works against the MacBook’s built-in AirPort driver; he reported that Maynor and Ellch told him that it works against the MacBook’s built-in AirPort driver. ‘I stand by that they told me the built-in driver is expoitable’ is very different than ‘I stand by that the built-in driver is exploitable.’

Gruber writes, “If it’s true that this exploit does work against the MacBook’s built-in AirPort driver, it’s one of the most serious security exploits ever discovered against Mac OS X. Basing their demo video on a third-party card makes matters worse, not better, because it creates the perception that the majority of MacBook users are safe because they aren’t using third-party cards.”

Gruber writes, “Krebs’s shoddy reporting leaves nearly all the important questions regarding this exploit unanswered. What about other models? Are MacBook Pros exploitable as well? PowerBooks? iBooks? Desktop Macs that use AirPort? Is a Mac vulnerable in its default out-of-the-box configuration? For example, by default, Mac OS X is configured to ask for confirmation before joining an unknown open Wi-Fi network. Does this exploit require that this setting (in the Network panel in System Preferences) be changed to allow joining unknown open networks automatically? Are any other changes to the default networking configuration required to allow this exploit to work? Is there anything Mac users can do to protect themselves other than completely disabling AirPort?”

Full article here.

[Thanks to MacDailyNews Reader "Rainy Day" for the heads up.]

MacDailyNews Take: What exactly is going on here? Any ideas?

Related MacDailyNews articles:
Hijacking an Apple Macbook in 60 seconds video posted online – August 03, 2006
Hijacking an Apple Macbook in 60 seconds – August 02, 2006

Categories: MacDailyNews, News

Thank You for supporting MacDailyNews!

♥ Adobe Photoshop CS6 Extended for Mac - Student and Teacher Edition DVD (65171323) only $249!
♥ Blowout: Apple 15.4" MacBook Pro i7/4Core/2.0GHz/4GB/500GB (MC721LL/A) only $1,549.99 + Free Shipping from MacMall
♥ Mac Madness Save 25% on Parallels Desktop 7!
♥ 15% Off Compatible Ink. 10% Off All Others (excludes OEMs). Free Shipping over $55. Coupon: 123BLOSSOM, Expires 6.18.12
♥ Save up to 60% at the Hammacher Schlemmer Special Values Sale-While supplies last.
♥ Dragon Dictate for Mac 2.5 - New! Simply Smarter Speech Recognition
♥ Up to 30% OFF Accessories from Verizon Wireless
♥ Limited Time Offer: Get free ZAGGsmartbuds when you buy a ZAGGsparq!

Comment Feed

34 Comments

1 2 Next »

iSeeStupidPeople

Friday, August 4, 2006 - 11:07 am · Reply

MDN: “What exactly is going on here? Any ideas?”

Me: Krebs is a stool.
thelt

Friday, August 4, 2006 - 11:07 am · Reply

Patched already. We don’t have to endure poor security for two years while we wait for a “service pack” from Microsoft. Today’s software update:

Security Update 2006-004 is recommended for all users and improves the security of the following components.

AFP Server
Bluetooth
Bom
DHCP
dyld
fetchmail
gnuzip
ImageIO
LaunchServices
OpenSSH
telnet
WebKit

For detailed information on this Update, please visit this website: http://docs.info.apple.com/article.html?artnum=61798
truth

Friday, August 4, 2006 - 11:08 am · Reply

It is white noise, much like the bogus Independant article from the other day. Simple..
Dirty Pierre le Punk

Friday, August 4, 2006 - 11:09 am · Reply

It’s starting to look like those OSX virus stories from a couple of months ago – plenty of froth and bubble at the start and then the real truth comes out.
davida

Friday, August 4, 2006 - 11:18 am · Reply

It smells like Microcrap, Dull, etc. sponsored F.U.D., ewh.
133t h@xx0r

Friday, August 4, 2006 - 11:20 am · Reply

ALL YOUR MAC’s BELONG TO US!!

hahahahaha!!!

By the way this update does not solve the problem.
thelt

Friday, August 4, 2006 - 11:22 am · Reply

On my post I should’ve said “maybe patched already”
It’s a theory judging from the software update.
gforce

Friday, August 4, 2006 - 11:23 am · Reply

it’s ZUNE!!!! It’s so powerful that it’s not only killing iPods but ALL Apple products everywhere!

wake up Mac people…Microsoft is winning. They are slowly and methodically taking down Apple bit by bit.

Vista isn’t delayed…it’s waiting…waiting to pounce on Leopard like…a … Leopard.
MP

Friday, August 4, 2006 - 11:24 am · Reply

The problem is in DRIVERS, NOT MAC OS BUT DRIVERS. It’s Intels failure not Apples.
Damacles

Friday, August 4, 2006 - 11:25 am · Reply

The update DOES solve the problem, it does NOT solve the problem, the sky is falling, no it isn’t . . . WHO THE HELL ARE YOU PEOPLE AND WHY SHOULD ANYONE HEED ANYTHING YOU HAVE TO SAY?

Every day–in every way–the internet is becoming a repository of fools.
Confused

Friday, August 4, 2006 - 11:27 am · Reply

What laptop did he put the third party wireless card into? It looks like a black macbook, however, I didn’t think the macbooks had that type of expansion. I though only the macbook pros had the expansion slot, and at that isn’t it the ExpressCard/34? That looked like a standard PC wireless card. It is just me or did I miss something?
BustingTheSkullsOfIdiots

Friday, August 4, 2006 - 11:27 am · Reply

For certain, third-party cards are vulnerable, regardless of OS. That’s all I can gather from the articles thus far. In any case, now that the attention spotlight has been shined on those companies, they should fix their poop.
MP

Friday, August 4, 2006 - 11:29 am · Reply

“Maynor stressed that there was nothing Mac-specific in the attack. The problem was not in the OS X operating system from Apple (AAPL) but in the third-party “device driver” software. Although only Intel (INTC) has announced vulnerabilities, it seems a safe bet at this point that there are similar problems with any type of Wi-Fi radio working with any operating system, including any flavor of Windows or Linux.”

http://yahoo.businessweek.com/technology/content/aug2006/tc20060803_264406.htm

If somebody could send this link to these guys at MDN it would be much appriciated.
BustingTheSkullsOfIdiots

Friday, August 4, 2006 - 11:30 am · Reply

Confused, you may have a point there. Can anyone else confirm?
gforce

Friday, August 4, 2006 - 11:31 am · Reply

Damacles is exempt from the foolery. You can tell from the fact that he just told us. Also, he’s so against this forum that he posted to tell us rather than closing his window.

nice conviction Dam.
andy

Friday, August 4, 2006 - 11:36 am · Reply

haha, this wasnt even using aiport, standard on all macs, its a 3rd party wi-fi, so it actually effects erm….noone, DUH
133t h@xx0r

Friday, August 4, 2006 - 11:37 am · Reply

The problem is in DRIVERS, NOT MAC OS BUT DRIVERS. It’s Intels failure not Apples.

WRONG, it’s all Mac (and PC) drivers made by a third party companies.

Wireless and Bluetooth has been insecure for a long time, it’s a intentional backdoor just like the one’s discovered in Cisco routers.

“Big Brother” want’s his way in our machines whenever he wants.
more confused

Friday, August 4, 2006 - 11:50 am · Reply

One other thing. This might be knitpicking things, but the file he created and put “this is a secret password!!” It looks like he only hit the ! button once and he even said exclamation point, not points, but when he pulled the file up on the dell, it had two.

Kinda weird. Also, you can see the wireless card just sitting on the desk next to the macbook.
coolfactor

Friday, August 4, 2006 - 11:50 am · Reply

Confused, it was a USB-based WiFi adapter. This “demo” of the exploit does leave way too many unanswered questions to be take seriously. But, we can also trust that Apple will have a fix in place before a single exploit is reported in the wild.
Beeker

Friday, August 4, 2006 - 11:51 am · Reply

***OK, FOR THE FREAKING RECORD***

MacBooks DO NOT even have PCMCIA or ExpressCard/34 so how in the world did he magically throw in a 3rd-Party wireless card?? HE DIDN’T!! Whether there is still a threat to the internal Airport card is still a question that he did not address, really.

So Mr. Smarty S. Pants over there doing demonstrations and stuff is full of horse crap. I think he may be stuck on that idea of optical illusions from his childhood, maybe he always wanted to be a magician?